IF YOU WOULD LIKE TO GET AN ACCOUNT, please write an
email to Administrator. User accounts are meant only to access repo
and report issues and/or generate pull requests.
This is a purpose-specific Git hosting for
BaseALT
projects. Thank you for your understanding!
Только зарегистрированные пользователи имеют доступ к сервису!
Для получения аккаунта, обратитесь к администратору.
/usr/lib/systemd/random-seed is not a thing.
Signed-off-by: Vitaly Kuznetsov <vkuznets@redhat.com>
(cherry picked from commit b4e5c103be9de99dfb5e2e47fd1563cf5388978a)
(cherry picked from commit b1ecfe3fe7a74b2be8127dfa15514cd9f01f5c85)
In a few cases, also avoid a sleep in the last (failed) iteration of the loop.
It doesn't matter too much, but it's still ugly.
(cherry picked from commit 4481a3085501b4982e81c904db6c8f11a567efb9)
(cherry picked from commit c6e957d02de5bfbefc6f43e0d0d8db61cf41d7b4)
Brief is sweet.
(cherry picked from commit 128db0aa0098b58b415065c2955f9abc7fc967e1)
(cherry picked from commit f3abd451dde25086e06c56ba0b8388f64c1d306e)
Follow-up for c6b8fffdfaf1f7c9a1dac73e1e54993a06c766c0
(cherry picked from commit 33054db730fb6f2fd6221d38a788e30b95525463)
(cherry picked from commit 59243061f62142ee0f74d25e352a55f174f1bb97)
sd-bus connection is cached by the two pam modules globally, but this
can lead to issues due to hashmaps (used by sd-bus) using a global
static variable for the shared hash key, which is different per module
as both modules are loaded in the same process.
This happens because the sd-bus object is create in one module, but
used in the other, so global state does not match.
Use a different pam cache identifier for the sd-bus pointer, so that
each module uses a different sd-bus connection as a workaround.
Fixes https://github.com/systemd/systemd/issues/27216
Fixes https://github.com/systemd/systemd/issues/17266
(cherry picked from commit a2dd39b4cb19f4ed4599422e635cc019dcae6ada)
(cherry picked from commit 04983c2b00c8c04dd97ce55a43c6811355b642d6)
acquire_home() takes a reference to a sd-bus object, which the open_session
hook cleans on success. But only when handling a user actually owned by homed,
it did not clean it up when skipping because it is being invoked on a system
user.
We need to be careful with sd-bus here as pam_sm_open_session is the last
hook before forking, and we want to clean up sd-bus before that happens, or
we'll have a broken reference (FDs are cloexec) in the child process, which
will then assert when attempting to close them, or leak the bus connection
which causes dbus to complain loudly:
dbus-daemon[62]: [system] Connection has not authenticated soon enough, closing it (auth_timeout=30000ms, elapsed: 30020ms)
(cherry picked from commit db0c0f5e003b0a0e202dbc399d35db36087c641c)
(cherry picked from commit 0045d952b5db4b8761892faef2a2e173111c6333)
It picks the bus based on the cgroup slice.
(cherry picked from commit f0f7cbd488fd0e00c5b77baf3b1324240fd7d72d)
(cherry picked from commit 5a8987794eb1cddf43bfe240d241d3a5462c1e5a)
Add fully working and documented example that can be copied and pasted
(cherry picked from commit c6b8fffdfaf1f7c9a1dac73e1e54993a06c766c0)
(cherry picked from commit b9af9a320ece89804ba8e17390240e4325968ef5)
Normal users do not have permissions to access /proc/1/root, so
'systemd-detect-virt -r' fails, but the output, even at debug level
is cryptic:
$ SYSTEMD_LOG_LEVEL=debug build/systemd-detect-virt -r
Failed to check for chroot() environment: Permission denied
Let's make this a bit easier to figure out:
$ SYSTEMD_LOG_LEVEL=debug build/systemd-detect-virt -r
Cannot stat /proc/1/root: Permission denied
Failed to check for chroot() environment: Permission denied
I looked over other users of files_same(), and I think in general the message
at debug level is OK for them too.
(cherry picked from commit 08c2f9c626e0f0052d505b1b7e52f335c0fbfa1d)
(cherry picked from commit 4d2b5338ac0ab8c351bc6aa31113c2dfbe26f890)
See added code comment for a longer explanation. TLDR: Linux maintains
distinct block device caches for partition and "whole" block devices,
and a simply BLKFLSBUF should make the worst confusions this causes go
away.
(cherry picked from commit 4d49f44f0fcdaa51b7311fb9420018995945f3f3)
(cherry picked from commit 2be23f69eef7d9b12e4ddeffcf676ba54a9a6ad7)
See 9fd8226312 for more details.
Follow-up to c9210b7470.
(cherry picked from commit 574d09bad079cfc19e0dd142fd6fe23d4b251878)
(cherry picked from commit 14eb49b5eb48a73a77baafc63aa3e46c524aeaf2)
detect_vm() is cheap, because cached, let's hence do that early before
we get out the big guns and sweep through sysfs.
(cherry picked from commit 0a5d3c0b5bfee68102de6345a3cd5580fbd5da02)
(cherry picked from commit 980954d2cf66a52d8950b93371b222443e4c7f23)
Commit f90eea7d18d9ebe88e6a66cd7a86b618def8945d
virt: Improve detection of EC2 metal instances
Added support for detecting EC2 metal instances via the product
name in DMI by testing for the ".metal" suffix.
Unfortunately this doesn't cover all cases, as there are going to be
instance types where ".metal" is not a suffix (ie, .metal-16xl,
.metal-32xl, ...)
This modifies the logic to also allow those new forms.
Signed-off-by: Benjamin Herrenschmidt <benh@amazon.com>
(cherry picked from commit aab896e2135362ab126830c73284d4af0baad88a)
(cherry picked from commit cedea4cb7ee18b2d174e5290dbad03c5b91bea37)
strstrafter() is like strstr() but returns a pointer to the first
character *after* the found substring, not on the substring itself.
Quite often this is what we actually want.
Inspired by #27267 I think it makes sense to add a helper for this,
to avoid the potentially fragile manual pointer increment afterwards.
(cherry picked from commit d791013ff529cbbb74d4cc5f1455f172befab1e6)
(cherry picked from commit 826662680badec75ba0fd607dbeaedf6f45cec8f)
They're used in repart, but are not part of the "common" specifier
lists, so cover them explicitly.
(cherry picked from commit 9f7fcf80ad2bd69d1267e782ac2c846e40bf2c7d)
(cherry picked from commit 79e23f618fec48cc8ff4fdf9aa3cf8e82f6c1d04)
This removes remaining hardcoded occurences of `/sbin/fsck`, and instead
uses `find_executable` to find `fsck`.
We also use `fsck_exists_for_fstype` to check for the `fsck.*`
executable, which also checks in `$PATH`, so it's fair to assume fsck
itself is also available.
(cherry picked from commit a108fcbacee859036f5613177321889bc34fd597)
(cherry picked from commit 3ee1839c19f1187d04b81a823b62ce26e8f6e595)
Otherwise it keeps printing stuff to the journal/console, adding
unnecessary noise.
(cherry picked from commit 3a8b7e8b5f72a940a07938a8ed33f2c3283dd52b)
(cherry picked from commit eab75a859117206352f4c8d2928631c42e9b3541)
* Fix inaccurate synposis, and description
Before the fix, they reflected only part of networkctl functionality.
(cherry picked from commit dd9f909ea819a4a06218982f681b92dab0ba7d9d)
(cherry picked from commit f86ec3495853ab143d5b0c1d0cb09b5725ef8d40)
Follow-up for d2ebd50d7f9740dcf30e84efc75610af173967d2
Fixes#27105
(cherry picked from commit 6b7f150bbf4e873e57d527b7328ac59a57e0a681)
(cherry picked from commit fffcebc4bbe841418556d551b9ed44f8b7056138)
Make sure the RuntimeMaxSec is applied correctly to service and scope
units when they are started, and also on coldplug.
(cherry picked from commit af4688398f55b110c9d7d57be5cd0199b06e18c8)
(cherry picked from commit f152cdabaed160c767de2857b9c22513e8518b3e)
In scope_set_state(), the timer event source may be disabled depending
on the state. Currently, it will be disabled when the state is
SCOPE_RUNNING. This has the effect of new RuntimeMaxSec values being
ignored on coldplug.
Note that this issue is not currently present when scopes are started
because when scope_start() is called, scope_arm_timer() is called after
scope_set_state().
(cherry picked from commit e1f85b49b09ed3e3717cf7776c9da7acc4e906c6)
(cherry picked from commit 999f48558bbe5d4665b97d76c530edc12f71b70b)
Correct what appears to be a copy/paste error in config_parse_exec_coredump_filter that is preventing the coredump_filter setting from working correctly.
(cherry picked from commit 9c669abb7106ae340ea47e7747d3bd054fbacdc5)
(cherry picked from commit 91953109ecd0956775b5bef442cd567917b11050)
When a unit is upheld and fails, and there are no state changes in
the upholder, it will not be retried, which is against what the
documentation suggests.
Requeue when the job finishes. Same for the other two queues.
(cherry picked from commit 4c7a0fc8d061b41fdd63eb19b6fc0a5c94668dde)
(cherry picked from commit fa8d33bb3704f7b14c1c51e1d0e48e0e5042a98c)
The Upholds= promise is that as long as unit A is up and Upholds=B,
B will be activated if failed or inactive. But there is a hard-coded,
non-configurable rate limit for this, so add a timed retry after the
ratelimit has expired.
Apply to BindsTo= and StopWhenUnneeded= as well.
(cherry picked from commit 7223d500ac548c69e7879931e3ad8c84838f925b)
(cherry picked from commit 6fc08d840718cbf20ddc2832a603c149ed92331b)
/bin/login is shipped in util-linux, however, systemd.spec on Fedora has
"Requires: (util-linux-core or util-linux)". If the dependency is
fulfilled just by installation of util-linux-core then users won't be
able to log in into the container after it boots. Let's add util-linux
package to the package list so that /bin/login is always present.
(cherry picked from commit 5015b5014bcff93371aef2c78b92efcfc2e38a40)
(cherry picked from commit 1fb4ae32b08c737662714c259573159d0e8788c3)
Fedora 36 is a bit old at this point and will be EOL in about 6 weeks.
Fedora 38 is not out yet, so the cloud link wouldn't work.
(cherry picked from commit 5a9e2dff473fe9c18f1425fd18ed7c16881b6997)
(cherry picked from commit 841146f243db0c368b20b111fe5d33166ff325b4)
follow-up to https://github.com/systemd/systemd/pull/27071
in order to create Github Releases, the job needs permissions to write
contents
also:
- pinned the `softprops/action-gh-release` action to a specific commit
- made it only active on the `systemd` organization repos (so not on
forks)
(cherry picked from commit 7b411cf8421ef3bf6c05edcf131f63b8e7bae8ac)
(cherry picked from commit dc2facf61d80cbb45421d024b56b93fb70e363aa)
After manually editing /etc/locale.gen, calling localectl set-locale
sometimes fails. When it fails, the systemd journal shows:
systemd-localed: free() / invalid pointer.
It turned out that it only fails if some of the uncommented lines in
/etc/locale.gen have leading spaces, as in:
* C.UTF-8 <= OK
* en_US.UTF-8 <= OK
* fr_FR.UTF-8 <= NOK
After parsing a line from /etc/locale.gen, we use strstrip() to obtain
the "trimmed" line (without leading or trailing spaces).
However, we store the result of strstrip() in the original pointer
containing the untrimmed line. This pointer is later passed to free
(this is done automatically using _cleanup_free_).
This is a problem because if any leading space is present, the pointer
will essentially be shifted from its original value. This will result in
an invalid free upon cleanup.
The same issue is present in the locale_gen_locale_supported function.
Fixed by storing the result of strstrip() in a different pointer.
(cherry picked from commit b24b10592d74b73529817813ff33f7e28e79ca41)
(cherry picked from commit d18037b8ff43a1d7310708a50786f92c1291ce80)
When Ubuntu CI is oversaturated, 60s doesn't seem to be enough.
(cherry picked from commit cb58571a1193122a5c20e8f6587115382d281002)
(cherry picked from commit 93ac024b7e568fe65b2e8f55ef13a32880239e95)
